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DETAILED ACTION 

1 . This action is in reply to applicant's correspondence of 26 October 2004. 

2. Claims 1- 26,28,29 are pending for examination. 

3. Claims 1- 26,28,29 remain rejected. 

Claim Rejections - 35 USC §102 
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 35 1(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 

4. Claims 1-6,15-22,26,28,29 are rejected under 35 U.S.C. 102(e) as being anticipated by 
Fischer, U.S. Patent 5,659,617. 

5. As per claim 1 ; "A method for protecting electronic files, comprising: 

obtaining a delay number based on 
delay time period between 

when a timing signal was transmitted from a remote source and 
when the timing signal was received [col. 1, lines 5-col. 4,line 27, 
whereas information regarding physical location via the LCU based 
certificate aspect is GPS based; such that it is inherent that the GPS 
functionality is derived from the fact that GPS determined location is a 
function of the differential delays processed from received timing signals 
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(i.e., 'delay time period between') from (i.e., 'timing signal was 
transmitted from a remote source') an associated plurality of GPS 
satellites.]; 

obtaining environment information regarding a computer, 
the environment information including 
the delay number and 

data concerning an operating environment of the computer [col. 
1, lines 5-col. 4,line 27, whereas environment information regarding a 
computer clearly deals with its physical location during access (i.e., to 
files via standard log-in/log-on) via the LCU based certificate aspect]; 

creating an encryption key based on 

the environment information [col. 1, lines 5-col. 4,line 27, whereas the 

physical location aspect of the LCU is public key based (i.e., col. 3,lines 1 5-col. 

4,line 10) because the certificate is public key based (the key certified by virtue of 

the certificate). Further, the certificate created is inherently a function of the LCU 

and more specifically a function of the location (i.e., \ . . creating an encryption 

key . . . environment information . . . ') of the LCU.]; and 

encrypting an electronic file using 

the encryption key [col. 1, lines 5-col. 4,line 27, whereas the encryption is 

public key based (the encryption key certified by virtue of the certificate (i.e., col. 

2,lines 35-65).].". 
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6. Claim 2 additionally recites the limitation that; "A method as recited in claim 1, further 
comprising 

the operation of creating a decryption key based on 

environment information, 
wherein the decryption key can be utilized to 
decrypt the electronic file". 
The teachings of Fischer suggest such limitations (col. 1, lines 5-col. 4,line 27, whereas the 
encryption and associated decryption is public key based (the encryption key certified by virtue 
of the certificate (i.e., col. 2,lines 35-65) which is certified to assure proper association of the 
public (i.e., encryption) and private (i.e., decryption) keys in public key based cryptographic 
functionality.). 

7. Claim 3 additionally recites the limitation that; "A method as recited in claim 2, 
wherein 

the encryption key and 
the decryption key 

are 

public key infrastructure (PKI) based keys.". 
The teachings of Fischer suggest such limitations (col. 1, lines 5-col. 4,line 27, whereas the 
encryption and associated decryption is public key based (the encryption key certified by virtue 
of the certificate (i.e., col. 2,lines 35-65) which is certified to assure proper association of the 
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public (i.e., encryption) and private (i.e., decryption) keys in public key based cryptographic 
functionality.). 

8. Claim 4 additionally recites the limitation that; "A method as recited in claim 1, 
wherein the environment information includes 

location information of the computer.". 
The teachings of Fischer suggest such limitations (col. 1, lines 5-col. 4,line 27, whereas 
environment information regarding a computer clearly deals with its physical location during 
access (i.e., to files via standard log-in/log-on) via the LCU based certificate aspect.). 

9. Claim 5 additionally recites the limitation that; "A method as recited in claim 4, 
wherein the location information specifies 

a location of the computer within a predetermined range.". 
The teachings of Fischer suggest such limitations (col. l,lines 5-col. 4,line 27, whereas 
environment information regarding physical location via the LCU based certificate aspect is such 
that the GPS accuracy and inherent tolerance of timing (i.e., col. 5,lines 9-col. 9,line 31, 
beacon/clock timing) errors clearly allows for the location information specifies a location of the 
computer within a predetermined range.). 

10. Claim 6 additionally recites the limitation that; "A method as recited in claim 5, 
wherein the location information is provided by 

global positioning satellite (GPS) data.". 
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The teachings of Fischer suggest such limitations (col 1, lines 5-col. 4,line 27, whereas 
environment information regarding physical location via the LCU based certificate aspect is GPS 
based.). 

11. As per claim 15; "A method for protecting electronic files, comprising: 
obtaining a first delay number based on 
delay time period between 

when a first timing signal was transmitted from a remote source 

and 

when the first timing signal was received [col. 1, lines 5-coL 4,line 27, whereas 
information regarding physical location via the LCU based certificate aspect is GPS 
based; such that it is inherent that the GPS functionality is derived from the fact that GPS 
determined location is a function of the differential delays processed from received 
timing signals (i.e., 'delay time period between') from (i.e., 'timing signal was 
transmitted from a remote source') an associated plurality of GPS satellites.]; 
storing an electronic file encrypted using an encryption key, 

wherein the encryption key is created using a first environment profile of a 
computer, and 

wherein the environment profile includes the first delay number and data 
concerning an operating environment of the computer [col. 1, lines 5-col. 
4,line 27, whereas environment information regarding a computer clearly 
deals with its physical location during access (i.e., to encrypted and clearly 
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stored files via standard log-in/log-on) via the LCU based certificate 
aspect. Further, the physical location aspect of the LCU is public key 
based (i.e., col. 3,lines 15-col. 4,line 10) because the certificate is public 
key based (the key certified by virtue of the certificate), and the encryption 
is public key based (the encryption key certified by virtue of the certificate 
(i.e., col. 2,lines 35-65).]; 
obtaining a second delay number based on 
delay time period between 

when a second timing signal was transmitted from a remote source 

and 

when the second timing signal was received [col. 1, lines 5-col. 4,line 27, whereas 
information regarding physical location via the LCU based certificate aspect is GPS 
based; such that it is inherent that the GPS functionality is derived from the fact that GPS 
determined location is a function of the differential delays processed from received 
timing signals (i.e., 'delay time period between') from (i.e., 'timing signal was 
transmitted from a remote source') an associated plurality of GPS satellites.]; 

obtaining a second environment profile of the computer based on a current 
operating environment of the computer, 

wherein the environment profile includes the second delay number and 

data concerning an operating environment of the computer [col. 1, lines 5-col. 

4,line 27, whereas environment information regarding a computer clearly deals 

with its physical location during access (i.e., during second operating environment 
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of the computer data collection for the purpose of comparison of profile 
information for the explicit purpose of file access of to encrypted and clearly 
stored files via standard log-in/log-on) via the LCU based certificate aspect]; 
creating a decryption key based on the second environment profile; and 
decrypting the electronic file using the decryption key [col. 1, lines 5-col. 4,line 
27, whereas the encryption and associated decryption is public key based (the 
encryption key certified by virtue of the certificate (i.e., col. 2,lines 35-65) which 
is certified to assure proper association of the public (i.e., encryption) and private 
(i.e., decryption) keys in public key based cryptographic functionality. Further, 
the certificate created is inherently a function of the LCU and more specifically a 
function of the location (i.e., \ . . creating an decryption key . . . second 
environment profile . . . ') of the LCU.]". 

12. Claim 16 additionally recites the limitation that; "A method as recited in claim 15, 
wherein the encryption key and the decryption key are further based on a passcode received from 
a user.". 

The teachings of Fischer suggest such limitations (col. 1, lines 5-col. 4,line 27, whereas the public 
key based encryption key certified by virtue of the certificate (i.e., col. 2,lines 35-65), and further 
layered access control derived from using said certificate, is associated with the use of 
PIN/password functionality for the LCU (i.e., col. 3,lines 63-col. 4,line 10, col. 10,lines 45-col. 
11, line 5).). 
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13. Claim 17 additionally recites the limitation that; "A method as recited in claim 16, 
further comprising the operation of appending the first environment profile to the passcode to 
generate the encryption key.". 

The teachings of Fischer suggest such limitations (col.' Mines 5-col. 4,line 27, whereas the public 
key based encryption key certified by virtue of the certificate (i.e., col. 2,lines 35-65), and further 
layered access control derived from using said certificate, is associated with the use of 
PIN/password functionality for the LCU (i.e., col. 3,lines 63-col. 4,line 10, col. 10,lines 45-col. 
1 Mine 5).). 

14. Claim 18 additionally recites the limitation that; "A method as recited in claim 17, 
further comprising the operation of appending the current environment profile to the passcode to 
create the decryption key.". 

The teachings of Fischer suggest such limitations (col. l,lines 5-col. 4,line 27, whereas the public 
key based encryption key certified by virtue of the certificate (i.e., col. 2,lines 35-65), and further 
layered access control derived from using said certificate, is associated with the use of 
PIN/password functionality for the LCU (i.e., col. 3,lines 63-col. 4,line 10, col. 10,lines 45-col. 
1 1, line 5). Further, the certificate created is inherently a function of the LCU and more 
specifically a function of the location (i.e., ' . . . create the decryption key . . . ') of the LCU.). 

15. Claim 19 additionally recites the limitation that; "A method as recited in claim 18, 
wherein the decryption key cannot decrypt the electronic file when the current environment 
profile does not match the first environment profile .". 
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The teachings of Fischer suggest such limitations (col. 1, lines 5-col. 4,line 27, whereas the public 
key based encryption key certified by virtue of the certificate (i.e., col. 2,lines 35-65), and further 
layered access control derived from using said certificate, is associated with the use of 
PIN/password functionality for the LCU (i.e., col. 3,lines 63-col. 4,line 10, col. 10,lines 45-col. 
11, line 5).). 

16. Claim 20 additionally recites the limitation that; "A method as recited in claim 19, 
wherein a match occurs when the data in the current environment profile is within a 
predetermined range of the data in the first environment profile.". 

The teachings of Fischer suggest such limitations (col. l,lines 5-col. 4,line 27, whereas the public 
key based encryption key certified by virtue of the certificate (i.e., col. 2,lines 35-65), and further 
layered access control derived from using said certificate, is associated with the use of 
PIN/password functionality for the LCU (i.e., col. 3,lines 63-col. 4,line 10, col. 10,lines 45-col. 
1 l,line 5). Further, whereas the aspect of the environment information regarding physical 
location via the LCU based certificate is such that the GPS accuracy and inherent tolerance of 
timing (i.e., col. 5,lines 9-col. 9,line 31, beacon/clock timing) errors clearly allows for the 
location information specifies a location of the computer within a predetermined range.). 

17. Claim 21 additionally recites the limitation that; "A method as recited in claim 15, 
wherein the environment profile includes location information specifying a location of the 
computer within a predetermined range.". 
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The teachings of Fischer suggest such limitations (col. l,lines 5-col. 4,line 27, whereas 
environment information regarding physical location via the LCU based certificate aspect is such 
that the GPS accuracy and inherent tolerance of timing (i.e., col. 5,lines 9-col. 9,line 31, 
beacon/clock timing) errors clearly allows for the location information specifies a location of the 
computer within a predetermined range.). 

18. Claim 22 additionally recites the limitation that; "A method as recited in claim 21, 
wherein the location information is provided by global positioning satellite (GPS) data.". 
The teachings of Fischer suggest such limitations (col. 1, lines 5-col. 4,line 27, whereas 
environment information regarding physical location via the LCU based certificate aspect is GPS 
based.). 

19. As per claim 26; "A method for protecting electronic files comprising; 

authenticating a digital transaction using a delay number based on 
a delay time period between 

when a timing signal was transmitted from a remote source and 
when the timing signal was received [col. 1, lines 5-col. 4,line 27, 
whereas environment information regarding a computers physical location 
as a function of GPS (i.e., col. 2,lines 3-19, col. 4,lines 27-col. 5,line 22) 
via the LCU based certificate clearly uses remote source (GPS satellite 
transmission) to LCU (receiving said transmission) as a delay number 
based on a timing signal.]; 
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obtaining environment information regarding a computer, the environment 
information including 

the delay number and 

data concerning an operating environment of the computer [col. 1, lines 5- 
col. 4,line 27, whereas environment information regarding a computer clearly 
deals with its physical location during access (i.e., to files via standard log-in/log- 
on) via the LCU based certificate aspect]; 

creating an encryption key based on the environment information [col. 1, lines 5- 
col. 4,line 27, whereas physical location aspect of the LCU is public key based 
(i.e., col. 3,lines 15-col. 4,line 10) because the certificate is public key based (the 
key certified by virtue of the certificate). Further, the certificate created is 
inherently a function of the LCU and more specifically a function of the location 
(i.e., ' . . . creating an encryption key . . . environment information . . . ') of the 
LCU.]; and 

encrypting an electronic file using the encryption key [col. 1, lines 5-col. 4,line 27, 
whereas the encryption is public key based (the encryption key certified by virtue 
of the certificate (i.e., col. 2,lines 35-65).].". 

20. Claim 28 additionally recites the limitation that; "A method as recited in claim 26, 
wherein the delay in the timing signal is caused by free electrons in a line of sight between the 
remote source and a receiver.". 
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The teachings of Fischer suggest such limitations (col. ljines 5-col. 4,line 27, whereas 
environment information regarding a computers physical location as a function of GPS (i.e., col. 
2,lines 3-19, col. 4,lines 27-col. 5,line 22) via the LCU based certificate clearly uses remote 
source (GPS satellite transmission) to LCU (receiving said transmission) and the delay in the 
timing signal is inherently a timing aspect caused by free electrons in a line of sight between the 
remote source and a receiver.). 

21 Claim 29 additionally recites the limitation that; "A method as recited in claim 28, 
wherein the delay in the timing signal is further caused by variations in atmospheric conditions ". 
The teachings of Fischer suggest such limitations (col. 1, lines 5-col. 4,line 27, whereas for GPS 
using remote source (GPS satellite transmission) to LCU (receiving said transmission) delay in 
the timing signal is inherently a timing aspect further caused by the variations in atmospheric 
conditions.). 

Claim Rejections - 35 USC § 103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this tide, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 
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22. Claims 7-9,23 are rejected under 35 U.S.C. 103(a) as being unpatentable over Fischer, 
U.S. Patent 5,659,617 as applied to claims 1,15,26 respectively, above, and further in view of 
Overfield, U.S. Patent 5,598,577. 

Claim 7 additionally recites the limitation that; U A method as recited in claim 1, wherein 
the environment information includes drive information regarding a drive wherein the electronic 
file will be stored"; 

Claim 8 additionally recites the limitation that; "A method as recited in claim 7, wherein 
the drive information includes a drive identifier that identities the particular drive wherein the 
electronic file will be stored."; 

Claim 9 additionally recites the limitation that; "A method as recited in claim 7, wherein 
the drive information includes an electronic address assignment of the particular drive wherein 
the electronic file will be stored."; 

Claim 23 additionally recites the limitation that; "A method as recited in claim 15, 
wherein the environment information includes drive information regarding a drive wherein the 
electronic file will be stored.". 

The teachings of Fischer suggest base claims ("A method for protecting electronic files, 
comprising: obtaining environment information regarding a computer, the environment 
information including data concerning an operating, environment of the computer.. .") 
limitations (Abstract, col. l,lines 5-col. 4,line 27, col. 5,lines 9-col. 9,line 31) without explicitly 
teaching of the use of "environment information includes drive information [including 
'electronic address assignment'] regarding a drive wherein the electronic file will be stored". 
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Overfield teaches of using; "[system software] queries a disk drive to determine its 
model. The system software checks the corresponding response string with reference to a table 
of recognized model strings (in encrypted format). If the drive's response string is recognized in 
this table, then the drive parameters can be set appropriately. [Abstract, col. 1, lines 32-coI. 4,line 
45]" Such that "the corresponding response string" clearly corresponds to drive information 
(including "electronic address assignment"). 

Thus, it would have been obvious to a person of ordinary skill in the art at the time of the 
invention to have been motivated to combine the Overfield disk drive querie/response parameter 
authentication and authorization invention, to the Fischer method/system protecting electronic 
files via obtaining environment information (location certificate based) regarding a computer. 

Such motivation to combine would clearly encompass the need to allow for qualitatively 
superior authentication scenario to improve security in a disk file configured computer system, 
whereas the authentication and authorization for file access (i.e., disk drive specific via drive 
configuration) clearly is a function of said disk drive querie/response parameters, (i.e., col. 9,line 
62-col. 10,line 54). 

23. Claims 10-14,24-25 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Fischer, U.S. Patent 5,659,617 as applied to claims 1,15,26 respectively, above, and further in 
view of Schneck et al, U.S. Patent 5,933,498. 

Claim 10 additionally recites the limitation that; "A method as recited in claim 1, 
wherein the environment information includes time information specifying access duration "; 
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Claim 1 1 additionally recites the limitation that; "A method as recited in claim 10, 
wherein the access duration is a time range indicating a time period when the electronic file can 
be accessed."; 

Claim 12 additionally recites the limitation that; "A method as recited in claim 1 1, 
wherein the electronic file cannot be decrypted at a time outside the time range."; 

Claim 13 additionally recites the limitation that; "A method as recited in claim 10, 
wherein the access duration is a date range indicating a range of dates when the electronic file 
can be accessed."; 

Claim 14 additionally recites the limitation that; "A method as recited in claim 13, 
wherein the electronic file cannot be decrypted at a date outside the date range."; 

Claim 24 additionally recites the limitation that; "A method as recited it claim 15, 
wherein the environment information includes time information specifying access duration, 
wherein the access duration is a time range indicating a tine period when the electronic file can 
be accessed."; 

Claim 25 additionally recites the limitation that; "A method as recited it claim 15, 
wherein the environment information includes date information specifying access duration, 
wherein the access duration is a date range indicating dates that the electronic file can be 
accessed". 

The teachings of Fischer suggest base claims ("A method for protecting electronic files, 
comprising: obtaining environment information regarding a computer, the environment 
information including data concerning an operating, environment of the computer...") 
limitations (Abstract, col. l,lines 5-col. 4,line 27, col. 5,lines 9-col. 9,line 31) without explicitly 
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teaching of the use of "time [and date] range indicating a time period [and date period] when the 
electronic file can [and can't] be accessed [decrypted]". 

Schneck et al teaches of using; "A method and device are provided for controlling access 
to data. Portions of the data are protected and rules concerning access rights to the data are 
determined. Access to the protected portions of the data is prevented, other than in a non-useable 
form; and users are provided access to the data only in accordance with the rules as enforced by a 
mechanism protected by tamper detection. A method is also provided for distributing data for 
subsequent controlled use of those data. The method includes protecting portions of the data; 
reventing access to the protected portions of the data other than in a non-useable form; 
determining rules concerning access rights to the data; protecting the rules. . . [Abstract], and 
further; "The invention can restrict the qualities or quantities of access to data in any manner 
that can be calculated or enumerated. A non-exhaustive, representative set of examples is given 
below..." [col. 25,lines 6-col. 27,line 27]" such that "the non-exhaustive, representative set of 
examples is given below. . . [list]" clearly corresponds to "time [and date] range indicating a time 
period [and date period] when the electronic file can [and can't] be accessed [decrypted]" via the 
specific policy creation as used for the said encryption/decryption and access control 
fiintionality. 

Thus, it would have been obvious to a person of ordinary skill in the art at the time of the 
invention to have been motivated to combine the Schneck et al policy based access control 
invention, to the Fischer method/system protecting electronic files via obtaining environment 
information (location certificate based) regarding a computer. 
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Such motivation to combine would clearly encompass the need to allow for qualitatively 
superior authentication scenario to improve security in a disk file configured computer system, 
whereas the authentication and authorization for file access (i.e., disk drive specific via drive 
configuration) clearly is a function of said disk drive policy access time, date, etc., criteria, (i.e., 
Abstract, col. 6,line 49-col. 8,line 47, col. 25,lines 6-col. 27,line 27). 



Application/Control Number: 10/003,572 Page 19 

Art Unit: 2136 

Conclusion 

24. The examiner points out that the amending of the claim language to change the phrase 

. . generating . . . key " to ". . . creating . . . key" does not tend to patently distinguish the claim 
from prior art per se. 

Also, while not used in the 102' or 103' rejection, the use of location within a network 
(i.e., IP address) and associated environment information regarding a computer is used in the 
activation of various operating systems (i.e., Windows XP ™) whereas if the location of the 
computer changes (i.e., new MAC number from a new NIC installed on the PC) or the PC 
hardware is sufficiently altered (i.e., other new hardware installed/de-installed), activation of the 
operating system will not occur, and the encryption of associated activation parameters will not 
occur. 

25. Any inquiry concerning this communication or earlier communications from examiner 
should be directed to Ronald Baum, whose telephone number is (571) 272-3861, and whose 
unofficial Fax number is (571) 273-3861. The examiner can normally be reached Monday 
through Thursday from 8:00 AM to 5:30 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh, can be reached at (571) 272-3795. The Fax number for the organization 
where this application is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. For more information for 
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unpublished applications is available through Private PAIR only. For more information about the 
PAIR system, see http://pair-direct.uspto.gov . Should you have questions on access to the Private 
PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 

Ronald Baum 
Patent Examiner 
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